Cloud Compliance for Salesforce Features

The ability to create fields that automatically mask data such as credit card numbers or passwords.

The ability to mask data in real time as it is entered.

The ability to apply or remove masking after data has been entered.

Tools to mask data using a consistent ruleset.

Tools to mask data using random characters and data.

Monitors data quality and sends alerts based on violations or misuse.

Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns.

Ensures user access management, data lineage, and data encryption.

Supports compliance with PII, GDPR, HIPPA, PCI, and other regulatory standards.

Meets GDPR requirements for pseudonymisation under the Data Protection by Design and by Default requirements.

Meets de-identification requirements under the CCPA.

Data Subject Access Request (DSAR) functionality helps companies comply with user access and deletion requests.

Identity verification functionality validates a person's identity prior to a company complying with a data subject access request.

Data mapping functionality, which helps companies understand how data flows throughout their organization, is achieved through automated machine learning.

Data discovery features collect and aggregate data from a variety of sources and prepares it in formats that both people and software can easily use it to then run analytics.

Data classification features tag the discovered data to make it easy to search, find, retrieve, and track.

De-identification or pseudonymization features replace personally identifiable information with artificial identifiers, or pseudonyms to comply with privacy regulations.

Data Breach Notification features help companies automate their breach response to stakeholders.

Consent management features help companies obtain and manage user consent when collecting, sharing, buying, or selling a user's data.

Data Access Governance functionality helps limit the number of people who have access to data unless they are permissioned to do so.

Offers traditional static de-identification (also known as consistent replacement), where the pseudonymized data uses the same pseudonyms across multiple data sets. For example, John Smith is replaced with Robert Fox and the Robert Fox name is used multiple times. This type of pseudonymization carries some risks of re-identification if paired with enough datasets.

Offers dynamic de-identification (also known as random replacement), where the pseudonymized data uses different pseudonyms across multiple data sets. For example, John Smith is replaced with Robert Fox once, and then the next time the data is used the name changes to Michael Jones. This type of pseudonymization carries lesser risk of re-identification if paired with many datasets.

Offers methods to de-identify large volumes of data using batch files.

Identity verification functionality validates a person's identity prior to a company complying with a data subject access request.

Offers workflows to process Data Subject Access Requests to enable multiple departments to assist when complying with user access and deletion requests.

Offers a user-facing portal for data subjects to request access to their data.

Has reporting and log functionality to prove that companies are in compliance with mandated response time, per privacy laws such as GDPR, CCPA, and others.

Has a centralized view of data breach notification functions including any tasks that are at risk of falling behind mandated reporting timelines.

Provides tools such as auto-discovery to assist companies in automating their breach notification response.

Provides functionality to help companies comply data breach notification timelines, as determined by various regulatory laws.

Offers workflows to enable multiple departments to collaborate on data breach notification tasks

Has reporting and analytics functionality to show compliance with data breach notification laws.

Offers a dashboard to capture, store, and manage granular user consents

Provide reporting functions showing granular data to demonstrate compliance to regulators

Integrates with marketing software and other analytical tools

Allows end-users to manage their preferences online

Shows audit trails of how user consent preferences have changed

Offers APIs to link to your data

Offers a mobile SDK to use consent management tools on mobile apps

Offers customizeable designs to match corporate branding

Offers server-side storage of consent, not client-side, for compliance reporting purposes

Searches structured, semi-structured, and unstructured data for sensitive data.

Offers contextual search functions to understand factors such as file type, sensitivity, user type, location, and other metadata.

Has template rules and pattern matching algorithms (PII, PCI, PHI and more)

Offers the option to create custom templates and rules based on department, user type and data type.

Search multiple file types (images, PDFs, etc.) and repository locations (such as on-premise databases, cloud storage, email servers, websites, etc.)

Offers a dashboard showing specific location of sensitive data.

Facilitates compliance and enables adherence to common industry regulatory standards such as GDPR, CCPA, HIPAA, PCI DSS, ISO, and others.

Offers reporting functionality.

Offers APIs to connect products.

Capability to perform complex tasks without constant human input

Ability to break down and plan multi-step processes

Works across multiple software systems or databases

Anticipates needs and offers suggestions without prompting

Capability to perform complex tasks without constant human input

Ability to break down and plan multi-step processes

Works across multiple software systems or databases

Improves performance based on feedback and experience

Engages in human-like conversation for task delegation

Anticipates needs and offers suggestions without prompting

Makes informed choices based on available data and objectives